Capcom has acknowledged that the gaming giant lost sensitive data, including sales reports, employee personal details, and financial information in a ransomware attack carried out by Ragnar Locker Gang.
Renowned Japanese video gaming firm Capcom has confirmed in a press release that it became the victim of a ransomware attack earlier in November. It is suspected that the Ragnar Locker Gang is responsible for the attack.
The company also confirmed that possibly 350k personal information items are currently at risk as attackers gained access to nine current and former employees’ personal data, confidential sales reports, and financial information of its customers.
Additionally, the private details of around 350,000 business partners, customers, and former employees could have been compromised. Moreover, personal data of approx. 14,000 current employees and associated parties, as well as classified corporate data, may have been impacted.
Capcom also confirmed in a press release that credit card data wasn’t included in the compromised financial data.
Reportedly, the attack took place on 2 Nov 2020 and targeted the company’s servers. The attackers encrypted the data and are now demanding $11,000,000 in ransom in exchange for the decryptor key to recovering data and the confirmation that hackers will not reveal corporate data stolen during the attack.
However, the ransom note circulating on the web doesn’t reflect anything like this. The attackers seem to be in a menacing mood, as they have warned Capcom that:
“If No Deal made then all your data will be Published and/or sold through an auction to third parties.”
They also didn’t mention that they will delete the stolen data after receiving the ransom amount. The note also reveals that Capcom hasn’t yet paid the ransom to Ragnar Locker. Moreover, according to the BBC, the company won’t pay ransom to the attackers.
After detecting the attack, Capcom alerted the Osaka police department and is currently investigating to evaluate the full extent of data theft and implement measures to tighten its security.
The company noted that it is safe to connect to its websites and games. It is also informing individuals who got their data compromised in the attack.